Virus Bulletin, the independent security testing body, has launched a new testing methodology that measures the reactive and proactive detection capabilities of anti-malware products.
The new test, dubbed 'RAP' ('Reactive And Proactive') testing, measures products' detection rates across four distinct sets of malware samples. The first three test sets comprise malware first seen in each of the three weeks prior to product submission. These measure how quickly product developers and labs react to the steady flood of new malware emerging every day across the world.
A fourth test set consists of malware samples first seen in the week after product submission. This test set is used to gauge products' ability to detect new and unknown samples proactively, using heuristic and generic techniques.
The first set of RAP results - published alongside the latest VB100 certification on Red Hat Linux - conformed largely with expectations: a slight decline was seen in products' performance over the three reactive weeks, and a sharper downward step in detection for the proactive week. The RAP results can be viewed at http://www.virusbtn.com/vb100/rap-200902.xml [registration required - free of charge].
Test director John Hawes said: "Developing this new test scheme has been a tough job, with lots of consultation with our expert advisors and some interesting trial runs. It's great to get the first set of results out to our readers, and hopefully over time the system will provide some invaluable insights into the reactive and proactive performance of the solutions appearing in our tests."
The basic tenets of the VB100 certification programme will not change with the introduction of the RAP tests, rather the results of the RAP tests - which will be reported in the comparative reviews available to Virus Bulletin subscribers - will provide additional information about the products' detection capabilities.
Virus Bulletin has been testing and certifying anti-malware products for more than ten years in the VB100 certification scheme. The stringent VB100 tests pit each anti-malware product against a test set of malware from the WildList - a publicly available up-to-date list of the malware that is known to be circulating on computers around the world. To earn VB100 certification, products must be able to detect 100% of the malware contained in the WildList test set and must not generate any false alarms when scanning a set of clean files.
A full description of the RAP testing methodology can be seen at http://www.virusbtn.com/vb100/vb200902-RAP-tests [registration required - free of charge]
The full results of the VB100 certification of products for Red Hat Enterprise Linux, including results of the RAP test and other detailed results tables, can be seen at http://www.virusbtn.com/vb100/vb200902-comparative [registration required - free of charge]
About Virus Bulletin
Starting out in 1989 as a magazine dedicated to the anti-virus industry, Virus Bulletin quickly became the leading specialist testing body in the field of viruses and related malware. Today, Virus Bulletin is an online security information portal and certification body, providing users with independent intelligence about the latest developments in the anti-malware and anti-spam fields, as well as conducting bimonthly certifications of anti-malware products. The certification has now been extended to anti-spam products. Virus Bulletin is supported by an Advisory Board comprising some of the world's leading anti-malware and anti-spam experts.